Browse all 778 CVE security advisories affecting SAP SE. AI-powered Chinese analysis, POCs, and references for each vulnerability.
SAP SE develops enterprise resource planning software that manages business processes for large organizations globally. With 778 recorded CVEs, its attack surface reflects the complexity of its extensive codebase. Historically, vulnerabilities frequently involve remote code execution, cross-site scripting, and privilege escalation, often stemming from improper input validation or insecure default configurations. These flaws allow attackers to bypass authentication, access sensitive data, or execute arbitrary commands on affected systems. Notable incidents include critical flaws in SAP NetWeaver and SAP HANA, which have been actively exploited in the wild. The company maintains a rigorous security response program, issuing regular patches for identified weaknesses. However, the sheer volume of integrations and legacy components continues to present challenges for comprehensive vulnerability management. Organizations deploying SAP solutions must prioritize timely patching and strict access controls to mitigate these persistent risks effectively.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2020-6202 | SAP NetWeaver Application Server Java 代码问题漏洞 — SAP NetWeaver Application Server Java (User Management Engine) | 9.1 | - | 2020-03-10 |
| CVE-2020-6201 | SAP Commerce 跨站脚本漏洞 — SAP Commerce Cloud (Testweb Extension) | 6.1 | - | 2020-03-10 |
| CVE-2020-6200 | SAP Commerce SmartEdit Extension 跨站脚本漏洞 — SAP Commerce Cloud (SmartEdit Extension) | 5.4 | - | 2020-03-10 |
| CVE-2020-6199 | SAP ERP 安全漏洞 — SAP ERP (EAPPGLO) | 6.5 | - | 2020-03-10 |
| CVE-2020-6198 | SAP Solution Manager 授权问题漏洞 — SAP Solution Manager (Diagnostics Agent) | 9.8 | - | 2020-03-10 |
| CVE-2020-6197 | SAP Enable Now 代码问题漏洞 — SAP Enable Now | 3.3 | - | 2020-03-10 |
| CVE-2020-6196 | SAP BusinessObjects Mobile 安全漏洞 — SAP BusinessObjects Mobile (MobileBIService) | 7.5 | - | 2020-03-10 |
| CVE-2020-6178 | SAP Enable Now 代码问题漏洞 — SAP Enable Now | 4.3 | - | 2020-03-10 |
| CVE-2020-6185 | SAP NetWeaver和S/4HANA 跨站脚本漏洞 — SAP NetWeaver (SAP Basis) | 5.4 | - | 2020-02-12 |
| CVE-2020-6181 | SAP NetWeaver和ABAP Platform 安全漏洞 — SAP NetWeaver (SAP Basis) | 5.8 | - | 2020-02-12 |
| CVE-2020-6186 | SAP Host Agent 访问控制错误漏洞 — SAP Host Agent | 7.5 | - | 2020-02-12 |
| CVE-2020-6183 | SAP Host Agent 安全漏洞 — SAP Host Agent | 7.1 | - | 2020-02-12 |
| CVE-2020-6184 | SAP NetWeaver和SAP S/4HANA 跨站脚本漏洞 — Automated Note Search Tool (SAP Basis) | 6.1 | - | 2020-02-12 |
| CVE-2020-6191 | SAP Landscape Management 输入验证错误漏洞 — SAP Landscape Management | 7.2 | - | 2020-02-12 |
| CVE-2020-6188 | SAP ERP和SAP S/4 HANA 安全漏洞 — SAP ERP (SAP_APPL) | 7.1 | - | 2020-02-12 |
| CVE-2020-6190 | SAP NetWeaver AS Java 信息泄露漏洞 — SAP NetWeaver AS Java (Heap Dump Application) | 5.8 | - | 2020-02-12 |
| CVE-2020-6189 | SAP Business Objects Business Intelligence Platform 信息泄露漏洞 — SAP Business Objects Business Intelligence Platform (CMC) | 7.5 | - | 2020-02-12 |
| CVE-2020-6187 | SAP NetWeaver 代码问题漏洞 — SAP NetWeaver (Guided Procedures) | 4.9 | - | 2020-02-12 |
| CVE-2020-6177 | SAP Mobile Platform 输入验证错误漏洞 — SAP Mobile Platform | 2.7 | - | 2020-02-12 |
| CVE-2020-6192 | SAP Landscape Management 输入验证错误漏洞 — SAP Landscape Management | 7.2 | - | 2020-02-12 |
| CVE-2020-6193 | SAP NetWeaver 跨站脚本漏洞 — SAP NetWeaver (Knowledge Management ICE Service) | 6.1 | - | 2020-02-12 |
| CVE-2020-6303 | SAP Disclosure Management 跨站脚本漏洞 — SAP Disclosure Management | 5.4 | - | 2020-01-14 |
| CVE-2020-6304 | SAP NetWeaver Internet Communication Manager 安全漏洞 — SAP NetWeaver Internet Communication Manager (KRNL32NUC) | 7.5 | - | 2020-01-14 |
| CVE-2020-6305 | SAP Process Integration PI Rest Adapter 跨站脚本漏洞 — SAP Process Integration - Rest Adapter (SAP_XIAF) | 6.1 | - | 2020-01-14 |
| CVE-2020-6306 | SAP Leasing 安全漏洞 — SAP Leasing (SAP_Appl) | 4.9 | - | 2020-01-14 |
| CVE-2020-6307 | SAP Basis 信息泄露漏洞 — Automated Note Search Tool (SAP Basis) | 4.3 | - | 2020-01-14 |
| CVE-2019-0384 | SAP Treasury and Risk Management 安全漏洞 — SAP Treasury and Risk Management (S4CORE) | 9.8 | - | 2019-12-17 |
| CVE-2019-0383 | SAP Treasury and Risk Management 安全漏洞 — SAP Treasury and Risk Management (S4CORE) | 8.8 | - | 2019-12-17 |
| CVE-2019-0405 | SAP Enable Now 信息泄露漏洞 — SAP Enable Now | 7.5 | - | 2019-12-11 |
| CVE-2019-0404 | SAP Enable Now 信息泄露漏洞 — SAP Enable Now | 5.3 | - | 2019-12-11 |
This page lists every published CVE security advisory associated with SAP SE. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.